IT Security

Russia and Ukraine have been hit by another bout of malware that is similar to the NotPetya strain that broke in around June. This new strain of malware is called Bad Rabbit and it has a few similarities to the NotPetya outbreak.

Bad Rabbit

Bad Rabbit encrypts the data on machines that it has infected and then asks for a ransom to be paid. The payment that is requested is 0.05 bitcoins which equates to roughly £250. The malware was worded very similarly to the NotPetya strain, Kaspersky also say the Bad Rabbit uses “methods similar to those used” to NotPetya.

Bad Rabbit was unique in some ways due to the code. The code within the malware had plenty of references to modern pop culture which also includes the names of the dragons from Game of Thrones.

Who was Targeted

Kaspersky have noted that this attack was targeted against corporate networks, which creates another link to NotPetya from June. The major difference between NotPetya and Bad Rabbit is that Bad Rabbit has currently primarily hit Russian businesses, but this has since moved on to Ukraine.

How did it Start

The attack was started by a fake Adobe Flash update that was distributed from three compromised Russian media outlets. This was the initial foothold needed to help spread the malware around Russia and Ukraine.

Situation in the UK

Currently in the UK this hasn’t arisen, however the National Cyber Security Centre released the following statement, “We are aware of a cyber incident affecting a number of countries around the world. The NCSC has not received any reports that the UK has been affected by this latest malware attack. We are monitoring the situation and working with our partners to better understand the threat.” The NCSC also provided some recommendations following the statement.

How to avoid

There are some basic points that can be done to assist in protection. Ensuring that updates are pulled only from the supplier will help reduce the risk. Ensuring updates on anti-virus will also assist, however this can’t always prevent infection.